|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Evasi0n"
m |
(some important code) |
||
| Line 84: | Line 84: | ||
* AMFID code-signing kernel changes |
* AMFID code-signing kernel changes |
||
* [[ASLR]] circumvention by using [[Exception Vector|ARM exception vectors]] |
* [[ASLR]] circumvention by using [[Exception Vector|ARM exception vectors]] |
||
| + | |||
| + | == Code == |
||
| + | <code>launchd.conf</code> |
||
| + | bsexec .. /sbin/mount -u -o rw,suid,dev / |
||
| + | setenv DYLD_INSERT_LIBRARIES /private/var/evasi0n/amfi.dylib |
||
| + | load /System/Library/LaunchDaemons/com.apple.MobileFileIntegrity.plist |
||
| + | bsexec .. /private/var/evasi0n/evasi0n |
||
| + | unsetenv DYLD_INSERT_LIBRARIES |
||
| + | bsexec .. /bin/rm -f /private/var/evasi0n/sock |
||
| + | bsexec .. /bin/ln -f /var/tmp/launchd/sock /private/var/evasi0n/sock |
||
== External Links == |
== External Links == |
||
Revision as of 01:10, 8 February 2013
evasi0n is a jailbreak tool that can be used to jailbreak (untethered) iOS 6.0-6.1 on all supported devices, excluding the Apple TV 3G. It was releasd on 4 Feburary 2013 by its developers, evad3rs, and supports Windows, OS X, and Linux (x86 and x86_64).
Supported Devices
As of evasi0n's release, the only unsupported device is the Apple TV 3G, since the kernel is still missing a injector vector to run unsigned code. All other devices on iOS 6.0-6.1 are supported (as well as iOS 5.2 for the Apple TV 2G).
Version History
1.0
Version 1.0 was released on 4 February 2013. This version contains a bug that causes the Weather app to not work. The Notification Center widget is unaffected.
Changelog
- Initial release
1.1
Version 1.1 was released on 6 February 2013. This version fixes a few reported issues.
Changelog
- Prevent Weather app from appearing on iPads
- Mitigated the long reboot issue
- Fix issue with not working after connecting multiple iOS devices
- Fix blinking of the jailbreak instructions on OS X
- Codesigned Mac app
Download
| Version | Release Date | OS | SHA-1 Hash | Download | |||
|---|---|---|---|---|---|---|---|
| 1.0 | 04 Feb 2013 | Linux | c9e4b15a161b89f0e412721f471c5f8559b6054f
|
Mega | |||
| Mac OS X | 23f99a0d65e71fd79ff072b227f0ecb176f0ffa8
|
Mega | |||||
| Windows | 2ff288e1798b4711020e9dd7f26480e57704d8b2
|
Mega | |||||
| 1.1 | 06 Feb 2013 | Linux | 6c06a6be87e003eee470eb749b42ffbaafcc9e62
|
Google Sites | Box | Mega | RapidShare |
| Mac OS X | ae9d20bc927976a1f55089cd80afca48de0f7a2e
|
Google Sites | Box | Mega | RapidShare | ||
| Windows | 4225b01afd4a4fd1277565954964bd3310ad8b5f
|
Google Sites | Box | Mega | RapidShare | ||
Exploits
evasi0n takes advantage of at least five distinct new vulnerabilities:
- Use of symbolic links in time zone file to socket
- Unix "shebang" trick
- Change of launchd.conf for untethering
- AMFID code-signing kernel changes
- ASLR circumvention by using ARM exception vectors
Code
launchd.conf
bsexec .. /sbin/mount -u -o rw,suid,dev / setenv DYLD_INSERT_LIBRARIES /private/var/evasi0n/amfi.dylib load /System/Library/LaunchDaemons/com.apple.MobileFileIntegrity.plist bsexec .. /private/var/evasi0n/evasi0n unsetenv DYLD_INSERT_LIBRARIES bsexec .. /bin/rm -f /private/var/evasi0n/sock bsexec .. /bin/ln -f /var/tmp/launchd/sock /private/var/evasi0n/sock
External Links
|
This jailbreaking article is a "stub", an incomplete page. Please add more content to this article and remove this tag. |
